<?php

function injCheck($sql_str) {
    $check = preg_match('/select|insert|update|delete|\'|\*|union|into|load_file|outfile/', $sql_str);
    if ($check) {
        echo '非法字符！！';
        exit;
    } else {
        return $sql_str;
    }
}

injCheck('masaikk and 1=1');

?>
